| 摘要 |
Methods and systems for processing network content associated with multiple virtual domains are provided. According to one embodiment, a service daemon process is instantiated within a firewall to handle content processing of network traffic of virtual domains by aggregating communication channels associated with the virtual domains and by applying an appropriate content processing policy for the corresponding virtual domain. A connection request is received by the firewall from a virtual domain. A child process is forked by the service daemon process to handle network traffic associated with the virtual domain. A communication channel is established between a kernel of the firewall and the service daemon process to transfer a portion of the network traffic between the service daemon process and the kernel. The child process is configured to perform content processing of the network traffic in accordance with a content processing policy associated with the virtual domain.
|
